School Cyber Attacks: A Growing Concern

The Information Commissioner's Office (ICO) has unveiled a disconcerting trend in the realm of cybersecurity within educational institutions. More than half of the cyber attacks and data breaches in schools and colleges are being perpetrated by their own students, a revelation that has sent shockwaves through the education sector.

According to the ICO's findings, students are engaging in hacking activities and unauthorized access to private data, often motivated by a sense of fun or as part of dares among peers. This phenomenon, termed the "insider threat" by the ICO, is reportedly being underestimated by educators and administrators alike.

Heather Toomey, Principal Cyber Specialist at the ICO, emphasizes the potential escalation of these activities: "What starts out as a dare, a challenge, a bit of fun in a school setting can ultimately lead to children taking part in damaging attacks on organisations or critical infrastructure."

The ICO's investigation into 215 hacks and breaches in educational settings since 2022 revealed that 57% were student-led. Alarmingly, almost a third of these breaches involved students illegally accessing staff computer systems by guessing passwords or pilfering login credentials from teachers. The age range of perpetrators is strikingly wide, with incidents involving children as young as seven years old, highlighting the need for comprehensive cybersecurity education from an early age.